Invention Grant
US08650625B2 Method and system for secure authentication of a user by a host system
有权
由主机系统对用户进行安全认证的方法和系统
- Patent Title: Method and system for secure authentication of a user by a host system
- Patent Title (中): 由主机系统对用户进行安全认证的方法和系统
-
Application No.: US13624030Application Date: 2012-09-21
-
Publication No.: US08650625B2Publication Date: 2014-02-11
- Inventor: Michael Grandcolas , Marc Guzman , Thomas Yee , Dilip Parekh , Yongqiang Chen
- Applicant: Citibank Development Center, Inc.
- Applicant Address: US CA Los Angeles
- Assignee: Citibank Development Center, Inc.
- Current Assignee: Citibank Development Center, Inc.
- Current Assignee Address: US CA Los Angeles
- Agency: Johnson, Marcou & Isaacs, LLC
- Agent John M. Harrington
- Main IPC: G06F7/04
- IPC: G06F7/04
Abstract:
A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which a user's credential is DES encrypted, and the DES key is PKI encrypted with the public key of an application server by an encryption applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.
Public/Granted literature
- US20130097429A1 Method and System for Secure Authentication of a User by a Host System Public/Granted day:2013-04-18
Information query
